package com.rentcars.controller;

import com.rentcars.entity.Account;
import com.rentcars.service.AccountService;
import com.rentcars.utils.Md5Util;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

/**
 * 类描述：
 *
 * @author 张吉哲
 * @date 2021/3/3 20:26
 */
@RestController
public class LoginController {

  private final AccountService accountService;

  private static final Logger logger = LoggerFactory.getLogger(LoginController.class);

  public LoginController(AccountService accountService) {
    this.accountService = accountService;
  }

  @RequestMapping(value = "/loginAdmin", method = RequestMethod.POST)
  public Map<String, Object> loginAdmin(String username, String userpwd) {
    Map<String, Object> model = new HashMap<>(16);
    model.put("flag", true);
    String pwdSalt = accountService.selectPwdSaltByUsername(username);
    if (pwdSalt == null) {
      model.put("message", "用户名或密码错误");
      return model;
    }
    userpwd = Md5Util.md5(userpwd + pwdSalt);
    UsernamePasswordToken token = new UsernamePasswordToken(username, userpwd);

    Subject subject = SecurityUtils.getSubject();
    try {
      subject.login(token);
    } catch (UnknownAccountException e) {
      logger.info("未知账户");
      model.put("flag", false);
      model.put("message", "用户名或密码错误");
    } catch (IncorrectCredentialsException e) {
      logger.info("密码不正确");
      model.put("flag", false);
      model.put("message", "用户名或密码错误");
    } catch (LockedAccountException e) {
      logger.info("该账户已被锁定");
      model.put("flag", false);
      model.put("message", "该账户已被锁定");
    } catch (ExcessiveAttemptsException eae) {
      logger.info("用户名密码次数过多");
      model.put("flag", false);
      model.put("message", "用户名密码次数过多");
    } catch (AuthenticationException ae) {
      logger.info("用户名密码不正确");
      model.put("flag", false);
      model.put("message", "用户名或密码错误");
    }

    if (subject.isAuthenticated()) {
      logger.info("登录认证通过");
      model.put("time", new Date());
      model.put("message", "登录认证通过");
      model.put("username", username);
      Account ac = accountService.selectAccountRole(username);
      //传递一个session 将用户名字持续显示到页面上。供后续其他地方使用。
      subject.getSession().setAttribute("username", username);
      subject.getSession().setAttribute("rolename", ac.getRole().getRolename());
      subject.getSession().setAttribute("modelT", model);
    }
    return model;
  }

  @RequestMapping(value = "/logout")
  public ModelAndView logOut() {
    SecurityUtils.getSubject().logout();
    return new ModelAndView("redirect:/");
  }
}
